Non-Patent Document 1 discloses an example of a distributed ID (Identifier) management system. As shown in FIG. 4, the distributed ID management system disclosed in Non-Patent Document 1 includes an ID management server (IdP-0), a service providing server (SP-1), and a service providing server (SP-2).
The distributed ID management system having this structure operates in the following manner.
Specifically, the ID management server (IdP-0) and the service providing server (SP-1) associates the IDs (Identifiers) of a user (a user u, for example) registered in the respective servers with each other in advance. Likewise, the ID management server (IdP-0) and the service providing server (SP-2) associates the IDs of the same user u registered in the respective servers with each other in advance.
Here, the ID management server (IdP-0) manages to associate one ID of the user u with each of the associated service providing servers, even though the IDs belong to the same user, for example.
The user u then issues an authentication request to the ID management server (IdP-0) from a user terminal (not shown). When the user is authenticated, the ID management server (IdP-0) issues a request for a service to the service providing server (SP-1). In that case, the ID management server (IdP-0) transmits the user information (987654@SP-1) about the user u in the service providing server (SP-1) as an authenticated user to the service providing server (SP-1).
The ID management server (IdP-0) also transmits the user information (123456@SP-2) about the user u in the service providing server (SP-2) as an authenticated user to the service providing server (SP-2).
Meanwhile, Patent Document 1 discloses a technique for solving the problem of having to set a different ID of a user in each of different systems, and having to use the respective IDs of the user in the respective systems.
Patent Document 1 discloses the following method for transmitting authentication information. The reference numerals used in this paragraph correspond to those in FIG. 3 of Patent Document 1. A user authentication information transmitting unit 20d of a computer system 20 of a company A searches a user information storage unit 20c, extracts the user authentication information about a company B associated with first user authentication information about a user 1, and encrypts the extracted second user authentication information. The user authentication information transmitting unit 20d transmits the encrypted second user authentication information, together with the information necessary for accessing a computer system 30 of the company B, via a transmitting/receiving unit 20a. 
Patent Document 1 also discloses a method for retrieving authentication information. Specifically, a user authenticating unit 30b of the second computer system 30 decrypts the second user authentication information received by a transmitting/receiving unit 30a. Based on the decrypted second user authentication information, the user authenticating unit 30b performs authentication by searching a user information storage unit 30c. The reference numerals used in this paragraph also correspond to those in FIG. 3 of Patent Document 1.
Meanwhile, Patent Document 2 discloses a single sign-on server. The reference numerals used in this paragraph correspond to those in FIG. 1 of Patent Document 2. This document discloses that, if an user ID is not mapped, the single sign-on server 11 reads the mapping ID of a company B from a mapping ID table 16, and registers the mapping ID in an ID mapping table 12.    [Non-Patent Document 1] Thomas Wason, et al., “Liberty ID-FF Architecture Overview”, Liberty Alliance Project    [Patent Document 1] Japanese Laid-Open Patent Publication No. 2002-312320    [Patent Document 2] Japanese Laid-Open Patent Publication No. 2004-234329